I see what Steve is saying.
6.44.8 (first paragraph) indicates that a password is
required to execute SECURITY ERASE UNIT in any condition.
4.7 (third paragraph) indicates the behavior of SECURITY
ERASE UNIT when the security level is set to high or maximum. (Basically
security is enabled by specifying a user password on a SECURITY SET PASSWORD
command)
I would state that the state machine text in 4.7 could use
a little touch up to indicate the transitions on SECURITY ERASE UNIT from the
locked condition only happen when a password is successfully presented. Also,
the text on transitioning from the unlocked to locked state needs to be
clarified as well.
I'll make a note to write up a proposal when I get done
with some of my others.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Livaccari
Sent: Tuesday, May 17, 2005 11:41 AM
To: Joseph Chen - SISA
Cc: [email protected]; [EMAIL PROTECTED]; Thomas Jansen
Subject: RE: [t13] Back to the main problem. Please read
Sorry, but the standard clearly states that if the password does not match the password perviously saved by the device the device shall abort the command.
Regards,
Steve Livaccari
Hard Drive Engineering
IBM Global Procurement
Internet: [EMAIL PROTECTED]
Phone (919) 543.7393
Joseph Chen - SISA <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]05/17/2005 02:27 PM
Thomas Jansen <[EMAIL PROTECTED]>, [email protected] RE: [t13] Back to the main problem. Please read
This message is from the T13 list server.
My understanding on the spec is one can do Security Erase without password.
Regards,
Joseph
-----Original Message-----
From: Thomas Jansen [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 9:50 AM
To: [email protected]
Subject: Re: [t13] Back to the main problem. Please read
This message is from the T13 list server.
Curtis Stevens wrote:
>This message is from the T13 list server.
>
>
>Pat
>
> Currently the ATA through SCSI community is not affected because
>there is no real translation from SCSI to ATA security. This could be an
>issue in the future when ATA pass-though is implemented.
>
> I think that we should also note that the drive need not be
>returned. Security Erase is used to clear the password along with the
data.
>This does give the user a way to retrieve the drive if it gets passworded.
>
>
>
Not as far as I understand the standard. The drive will only accept the
Security Erase command when either the master or user password is supplied.
In case of a virus both passwords will be set to random. This was the
original question I asked.... :-)
Sincerely,
Thomas
